erm.. i still dont get it..

what i understand is..

1. create a database with user login information
2. create login.aspx and default.aspx
3. in the login.aspx, put login control. this is where i am blurred. i dont know the code to connect from this page to SQL, to pull the data..

i want to see how the code will be in login.aspx.cs

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

namespace WebApplication1
    public partial class _Default : System.Web.UI.Page
        protected void Page_Load(object sender, EventArgs e)


        protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
bool Authenticated = false;
Authenticated = ValidateLogIn(Login1.UserName, Login1.Password);
if (Authenticated == true)


private bool ValidateLogIn(string UserName, string Password)
bool blnRetVal = false;
string strConnection = "data source=localhost;database=SQL2K5;uid=sa;pwd=;";
SqlConnection Connection = new SqlConnection(strConnection);
String strSQL = "Select UserId,Password From Authenticate where UserId =+”’John’” + and Password =+”’Password’”;";
SqlCommand command = new SqlCommand(strSQL, Connection);
SqlDataReader dr;
dr = command.ExecuteReader();
while (dr.Read())
if ((UserName == dr[0].ToString()) & (Password == dr[1].ToString()))
blnRetVal = true;

return blnRetVal;